lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Sun, 3 May 2020 15:33:21 +0800 From: Dongyang Zhan <zdyzztq@...il.com> To: linux-kernel@...r.kernel.org Subject: Possible null pointer dereference in smp_init_package_map() Hi, I am a security researcher, my name is Dongyang Zhan. I found a potential bug. I hope you can help me to confirm it. Thank you. In Linux 4.10.17, smp_init_package_map() in /arch/x86/kernel/smpboot.c does not handle the failure of memory allocation, which may cause a null pointer dereference bug. Source code link: https://elixir.bootlin.com/linux/v4.10.17/source/arch/x86/kernel/smpboot.c#L326 Source code and comments: physical_to_logical_pkg = kmalloc(size, GFP_KERNEL); memset(physical_to_logical_pkg, 0xff, size); // does not check if kmalloc fails
Powered by blists - more mailing lists